150 lines
4.4 KiB
TypeScript
150 lines
4.4 KiB
TypeScript
import * as assert from "assert";
|
|
|
|
import fs from "node:fs";
|
|
|
|
import * as userFunctions from "../helpers/functions.user.js";
|
|
|
|
describe("functions.user", () => {
|
|
describe("unauthenticated, no user in session", () => {
|
|
const noUserRequest = {
|
|
session: {}
|
|
};
|
|
|
|
it("can not update", () => {
|
|
assert.strictEqual(userFunctions.userCanUpdate(noUserRequest), false);
|
|
});
|
|
|
|
it("is not admin", () => {
|
|
assert.strictEqual(userFunctions.userIsAdmin(noUserRequest), false);
|
|
});
|
|
});
|
|
|
|
describe("read only user, no update, no admin", () => {
|
|
const readOnlyRequest: userFunctions.UserRequest = {
|
|
session: {
|
|
user: {
|
|
userName: "*test",
|
|
userProperties: {
|
|
canUpdate: false,
|
|
isAdmin: false,
|
|
apiKey: ""
|
|
}
|
|
}
|
|
}
|
|
};
|
|
|
|
it("can not update", () => {
|
|
assert.strictEqual(userFunctions.userCanUpdate(readOnlyRequest), false);
|
|
});
|
|
|
|
it("is not admin", () => {
|
|
assert.strictEqual(userFunctions.userIsAdmin(readOnlyRequest), false);
|
|
});
|
|
});
|
|
|
|
describe("update only user, no admin", () => {
|
|
const updateOnlyRequest: userFunctions.UserRequest = {
|
|
session: {
|
|
user: {
|
|
userName: "*test",
|
|
userProperties: {
|
|
canUpdate: true,
|
|
isAdmin: false,
|
|
apiKey: ""
|
|
}
|
|
}
|
|
}
|
|
};
|
|
|
|
it("can update", () => {
|
|
assert.strictEqual(userFunctions.userCanUpdate(updateOnlyRequest), true);
|
|
});
|
|
|
|
it("is not admin", () => {
|
|
assert.strictEqual(userFunctions.userIsAdmin(updateOnlyRequest), false);
|
|
});
|
|
});
|
|
|
|
describe("admin only user, no update", () => {
|
|
const adminOnlyRequest: userFunctions.UserRequest = {
|
|
session: {
|
|
user: {
|
|
userName: "*test",
|
|
userProperties: {
|
|
canUpdate: false,
|
|
isAdmin: true,
|
|
apiKey: ""
|
|
}
|
|
}
|
|
}
|
|
};
|
|
|
|
it("can not update", () => {
|
|
assert.strictEqual(userFunctions.userCanUpdate(adminOnlyRequest), false);
|
|
});
|
|
|
|
it("is admin", () => {
|
|
assert.strictEqual(userFunctions.userIsAdmin(adminOnlyRequest), true);
|
|
});
|
|
});
|
|
|
|
describe("update admin user", () => {
|
|
const updateAdminRequest: userFunctions.UserRequest = {
|
|
session: {
|
|
user: {
|
|
userName: "*test",
|
|
userProperties: {
|
|
canUpdate: true,
|
|
isAdmin: true,
|
|
apiKey: ""
|
|
}
|
|
}
|
|
}
|
|
};
|
|
|
|
it("can update", () => {
|
|
assert.strictEqual(userFunctions.userCanUpdate(updateAdminRequest), true);
|
|
});
|
|
|
|
it("is admin", () => {
|
|
assert.strictEqual(userFunctions.userIsAdmin(updateAdminRequest), true);
|
|
});
|
|
});
|
|
|
|
describe("API key check", () => {
|
|
it("authenticates with a valid API key", async () => {
|
|
const apiKeysJSON: { [userName: string]: string } = JSON.parse(
|
|
fs.readFileSync("data/apiKeys.json", "utf8")
|
|
);
|
|
|
|
const apiKey = Object.values(apiKeysJSON)[0];
|
|
|
|
const apiRequest: userFunctions.APIRequest = {
|
|
params: {
|
|
apiKey
|
|
}
|
|
};
|
|
|
|
assert.strictEqual(await userFunctions.apiKeyIsValid(apiRequest), true);
|
|
});
|
|
|
|
it("fails to authenticate with an invalid API key", async () => {
|
|
const apiRequest: userFunctions.APIRequest = {
|
|
params: {
|
|
apiKey: "badKey"
|
|
}
|
|
};
|
|
|
|
assert.strictEqual(await userFunctions.apiKeyIsValid(apiRequest), false);
|
|
});
|
|
|
|
it("fails to authenticate with no API key", async () => {
|
|
const apiRequest: userFunctions.APIRequest = {
|
|
params: {}
|
|
};
|
|
|
|
assert.strictEqual(await userFunctions.apiKeyIsValid(apiRequest), false);
|
|
});
|
|
});
|
|
});
|